
<?php
include '../mysqladmin.php';
$strName = $_POST["username"];
$oldPassword = $_POST["oldPassword"];
$strPassword = $_POST["password"];
$sql = "select * from admin where account='{$strName}'";
$result = mysqli_query($link, $sql);
if(!$result->num_rows){
    $code["msg"] = "用户不存在！";
    $res = json_encode($code);
    echo $res;
    return;
}else{
  $row=$result->fetch_array();
  if($row['password']!=$oldPassword){
      $code["msg"] = "旧密码错误！";
      $res = json_encode($code);
      echo $res;
      return;
  }
}
$sql1 = "update admin set password='{$strPassword}' where account='{$strName}'";
$okk = mysqli_query($link, $sql1);
if($okk){
    $code["status"] = true;
    $code["msg"] = "修改成功！";
    $res = json_encode($code);
    echo $res;
}else{
    $code["msg"] = $link->error;
    $res = json_encode($code);
    echo $res;
}
mysqli_close($link);
?>
